Filtered by CWE-1284

Search

Switch to Advanced Search (Beta)
Total 225 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-31310 2024-10-31 5 Medium
Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the "set temperature input selection" command, potentially resulting in a loss of integrity and/or availability.
CVE-2024-8887 1 Circutor 3 Circutor Q Smt, Q-smt, Q-smt Firmware 2024-10-01 10 Critical
CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web service bypasses the authentication mechanisms on the login page, allowing the attacker to use all the functionalities implemented at web level that allow interacting with the device.
CVE-2022-25769 1 Mautic 1 Mautic 2024-09-20 7.2 High
ImpactThe default .htaccess file has some restrictions in the access to PHP files to only allow specific PHP files to be executed in the root of the application. This logic isn't correct, as the regex in the second FilesMatch only checks the filename, not the full path.
CVE-2024-0111 1 Nvidia 1 Cuda Toolkit 2024-09-18 4.4 Medium
NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.
CVE-2024-8558 2 Oretnom23, Sourcecodester 2 Food Ordering Management System, Food Ordering Management System 2024-09-10 4.3 Medium
A vulnerability classified as problematic was found in SourceCodester Food Ordering Management System 1.0. This vulnerability affects unknown code of the file /foms/routers/place-order.php of the component Price Handler. The manipulation of the argument total leads to improper validation of specified quantity in input. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.